Created on
10-29-2024
11:02 PM
Edited on
11-28-2024
12:39 AM
By
Jean-Philippe_P
Description |
This article describes how to collect email from FortiGate with IP based policy where no authentication is used. |
Scope | FortiGate. |
Solution |
Enable the Email collection under Feature Visibility -> Email Collection:
Enable the email collection under the CLI command in the policy where it is necessary to start collecting email IDs.
Commands:
config firewall policy edit <policy ID> set email-collect enable end
Once the above is enabled, users from the policy will get the below notification and disclaimer and users need to accept and provide a valid email ID to access the internet:
Once the Terms and Disclaimer Agreement is accepted and a valid email ID is provided, the user will be allowed to access the Internet.
Add the Email Collection widget under Dashboard -> Status -> Add Monitor to verify email collection.
Search for Email collection:
When selecting Collected Email Monitor, select the FortiGate hostname from dropdown :
Once selected, should be possible to see the collected email IDs:
To check for collected emails in the CLI:
diagnose firewall auth mac list 00:47:65:**:**:**, e*****@gmail.com ----- 1 listed, 0 filtered ------ |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.